Published: 29/08/2022 Updated: 09/12/2022

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

It exists that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546)

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu
redhat enterprise linux 8.0

Several security issues were fixed in QEMU ...

Synopsis Moderate: virt:av and virt-devel:av security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the virt:av and virt-devel:av modules is now available for Advanced Virtualization for ...

Synopsis Moderate: virt:rhel and virt-devel:rhel security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8Red H ...

Synopsis Moderate: virt:rhel and virt-devel:rhel security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise L ...

Synopsis Moderate: virt:av and virt-devel:av qemu-kvm security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the virt:av and virt-devel:av modules is now available for Red Hat Enterprise Linux Advanc ...

Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service or the execution of arbitrary code For the stable distribution (bullseye), this problem has been fixed in version 1:52+dfsg-11+deb11u2 We recommend that you upgrade your qemu packages For the detailed security status of qemu plea ...

A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group This issue allows a malicious u ...

A vulnerability was found in the fs/inodec:inode_init_owner() function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of th ...

CWE-273 https://access.redhat.com/security/cve/CVE-2022-0358 https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca https://bugzilla.redhat.com/show_bug.cgi?id=2044863 https://security.netapp.com/advisory/ntap-20221007-0008/https://nvd.nist.gov https://ubuntu.com/security/notices/USN-5307-1

Get Started

CVE-2022-0358

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect